Squarespace is one of the most popular website builders because it’s incredibly user-friendly, intuitive, and sleek. In addition, the platform offers tons of tools and plugins that you can use to create any kind of website you want, including an ecommerce store.
Managed Solution (Recommended)
Step 2: Answer a few simple prompts and questions, and go through all of the steps until you reach “Final Details.”
These are some of the questions you need to be ready to answer in our generator:
- What’s the business name of your company? Are you doing business under a short or trade name?
- Do you have users in the EU, UK, Iceland, Switzerland, Norway, or Liechtenstein?
- If yes, the managed solution will add a section to ensure GDPR compliance.
- Do you collect the information of Californian residents?
- If yes, the managed solution will add in a section to ensure your policy complies with the California Consumer Privacy Act (CCPA).
- What kind of personal information do you collect from users?
- How will you use the information you collect?
- Do you have a data protection officer (DPO) to oversee your compliance with US, EU, and UK privacy laws? If not, will you be appointing one in the future?
Using a Template
Templates offer more flexibility than a managed solution since you can directly add and modify existing language in Microsoft Word or Google Docs. You can also combine multiple templates and move sections around if you need be.
Do It Yourself (Not Recommended)
For example, if you have users in the EU, you need to make your policy comply with the GDPR. In the same vein, if you have users in California, you may need to add language that makes your policy compliant with the CCPA.
However, you should also keep in mind that the internet is a global marketplace. Therefore, you will need to consider privacy regulations from all over the world, such as:
General Data Protection Regulation (GDPR)
- Your company’s contact details: Give users a way to contact your business or company representative.
- Users’ privacy rights: These include the existence of each data subject’s rights, the right to file complaints with supervisory authorities, and the right to withdraw consent at any time.
- An explanation for why you’re collecting users’ data: You need to do this for every piece of data you collect from your users. You also need to outline the legal justifications for every action you do when collecting and using their personal information.
An explanation that you will provide detailed information for personal information transfers: Mention that you will provide users with detailed information about cross-border personal data transfers, including:
- The destination country of the transfer
- The risks of the transfer
- The safeguards you have in place
- Whether the recipient is covered under the EU Commission
- Whether your site has an automated decision-making system: Include information about how this system was set up and the consequences of using such a system.
California Consumer Privacy Act (CCPA)
An office or physical presence is not required in California (or the United States) for a business to fall under the CCPA scope. You must comply with the CCPA if your company collects data from California residents and meets at least one of the following thresholds:
- You have annual gross revenues of at least $25 million.
- You derive 50% or more of your annual revenues from selling Californian consumers’ personal information.
- You annually buy, receive for commercial purposes, sell, or share for commercial purposes, the personal information of over 50,000 consumers, households, or devices in California.
Children’s Online Privacy Protection Act (COPPA)
California Online Privacy Protection Act (CalOPPA)
CalOPPA doesn’t require radically different measures than the other legislations we’ve covered above. However, there are certain things you want to check to ensure full compliance:
CalOPPA has strict requirements for “conspicuousness.” Most websites link their privacy policies in the footers of their sites and apps, but that may not be enough for CalOPPA.
According to section 22577 of CalOPPA, the link must have the word “privacy” in it. It should also use a font, size, or color that’s easily distinguished from the rest of the text so that a “reasonable person would notice it.”
You should also include:
Step 1: Go to the Home Menu and click Pages.
Step 2: Once the Pages panel opens, click the + icon. Then, click Blank Page
Step 5: Click the blue “Add Section” button, then click Text.
Step 7: Click Done once you’ve completed the previous step.
Step 4: Click Done once you’ve completed the above step.
- What the company does with users’ information
- How the company obtains user consent to use their information
- How users can withdraw consent
- What third-party services Bembien uses
- Bembien’s security practices (to ensure that their users’ data isn’t misused, disclosed, destroyed, altered, or lost)
- The contact information of their Privacy Compliance Officer